Control for inviting an unaythenticated user to gain access to display of content that is otherwise accessible with an authentication mechanism

ABSTRACT

Enabling an authenticated user to access content associated with an authenticated user as though the authenticated user had a selected user relationship with the authenticated user. The user relationship may comprise a relationship degree, a relationship category, a relationship rating, and/or the like. An invitation to join an electronic service, such as an online social network, is sent to the unauthenticated user at an address known to the authenticated user. The invitation includes a time-limited token, such as a URL, that includes an invitation identifier, which relates the invitation to the authenticated user content. The token may be encrypted in the invitation. The unauthenticated user returns the token as a request to preview the authenticated user content without first becoming an authenticated user of the electronic service. If the token is still valid, access is granted. The unauthenticated user may also request to establish a connection with the authenticated user.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Utility application Ser. No.10/832,172 filed on Apr. 26, 2004, the benefit of the earlier filingdate of which is hereby claimed under 35 U.S.C. §120 and which isfurther hereby incorporated by reference.

FIELD OF ART

The present invention relates generally to computing software formanaging display of content, and more particularly to a method andsystem for enabling an unauthenticated user to view selected contentbased on a token from an authenticated user.

BACKGROUND

Many computing systems enable a user to control access to informationthrough passwords, encryption keys, presence settings, and/or othermethods. Some online systems enable a user to enter information aboutthe user and enable the user to control whether, how, or whichinformation is accessible to other users. For example, some onlinesystems enable a user to enter a profile of information and establish agroup of contacts. Such systems may enable only those contacts to accessthe profile information and/or detect whether the user is currentlylogged into an online service, such as a messaging service, a jobplacement service, or other topic-specific service. The set of contactscomprise a network of people who know a user well enough to providetheir contact information. This is sometimes considered a single-levelsocial network.

More broadly, a social network typically comprises a person's set ofdirect and indirect personal relationships. Direct personalrelationships usually include relationships with family members,friends, colleagues, coworkers, and other people with which the personhas had some form of direct contact, such as contact in person, bytelephone, by email, by instant message, by letter, and the like. Thesedirect personal relationships are sometimes referred to as first degreerelationships. First degree relationships can have varying degrees ofcloseness, trust, and other characteristics. These relationships canalso be unidirectional or bidirectional. A unidirectional relationshiptypically means that a first person is willing and able to interact witha second person, but the second person is not willing or able tointeract with the first person. Conversely, a bidirectional relationshiptypically means that both people are willing and able to interact witheach other.

Indirect personal relationships typically include relationships throughfirst degree relationships to other people with whom a person has nothad some form of direct contact. For example, a friend of a friendrepresents an indirect personal relationship. A more extended, indirectrelationship might be a friend of a friend of a friend. These indirectrelationships are sometimes characterized by a degree of separationbetween the people. For instance, a friend of a friend can becharacterized as a second degree relationship.

Online social network services have developed based on specific topics,such as job placement and dating. These online social network servicesenable users to connect with each other if they did not previously knoweach other, but may share a common interest. After a connection is made,the users may view information about each other and/or send messages toeach other, but there is little else for the users to do through theonline network service. These online network services also generallyrequire a new user to subscribe to the service before the new user hasaccess to any information about other users, even information about anexisting user that invites the new user to join the online service.

BRIEF DESCRIPTION OF THE DRAWINGS

Non-limiting and non-exhaustive embodiments of the present invention aredescribed with reference to the following drawings. In the drawings,like reference numerals refer to like parts throughout the variousfigures unless otherwise specified.

For a better understanding of the present invention, reference will bemade to the following Detailed Description of the Invention, which is tobe read in association with the accompanying drawings, wherein:

FIG. 1 shows a functional block diagram illustrating one embodiment ofan environment for practicing the invention;

FIG. 2 shows one embodiment of a server device that may be included in asystem implementing the invention;

FIG. 3 shows a screen shot of a client user interface., illustrating asample email invitation message received by an invitee;

FIG. 4 shows a screen shot of a client user interface, illustrating asample preview of content that the invitee accessed b selecting apreview link in the imitation;

FIG. 5 illustrates an exemplary architecture that may he used to enablean inviter client to send an invitation to an invitee client;

FIG. 6 is a flow diagram illustrating exemplary logic of an exemplaryoverall process of actions by the inviter client and invitee client thatenables the invitee client to access content; and

FIG. 7 is a flow diagram illustrating exemplary logic of a serverprocess for enabling access to content by an unauthenticated user.

DETAILED DESCRIPTION OF EMBODIMENTS

The present invention now will be described more fully hereinafter withreference to the accompanying drawings, which form a part hereof, andwhich show, by way of illustration, specific exemplary embodiments bywhich the invention may be practiced. This invention may, however, beembodied in many different forms and should not be construed as limitedto the embodiments set forth herein; rather, these embodiments areprovided so that this disclosure will be thorough and complete, and willfully convey the scope of the invention to those skilled in the art.Among other things, the present invention may be embodied as methods ordevices. Accordingly, the present invention may take the form of anentirely hardware embodiment, an entirely software embodiment or anembodiment combining software and hardware aspects. The followingdetailed description is therefore, not to be taken in a limiting sense.

The terms “comprising,” “including,” “containing,” “having,” and“characterized by,” refer to an open-ended or inclusive transitionalconstruct and does not exclude additional, unrecited elements, or methodsteps. For example, a combination that comprises A and B elements, alsoreads on a combination of A, B, and C elements. The meaning of “a,”“an,” and “the” include plural references. The meaning of “in” includes“in” and “on,” Additionally, a reference to the singular includes areference to the plural unless otherwise stated or is inconsistent withthe disclosure herein. The term “or” is an inclusive “or” operator, andincludes the term “and/or,” unless the context clearly dictatesotherwise. The phrase “in one embodiment,” as used herein does notnecessarily refer to the same embodiment, although it may. Similarly,the phrase “in another embodiment,” as used herein does not necessarilyrefer to a different embodiment, although it may. The term “based on” isnot exclusive and provides for being based on additional factors notdescribed, unless the context clearly dictates otherwise. The term“user” can include a computer user, an online service subscriber, anonline social network user and/or other person using an electronicdevice.

The term “social network” can include a group of people with which auser has direct and/or indirect relationships, as well as a service forcommunicating information to and/or from any of the people with which auser has direct and/or indirect relationships. However, an indirectrelationship can also be through a shared interest, without any degreeof personal relationship between intermediate people. For example, a setof complete strangers can comprise a social network on the basis of acommon interest in a topic or an activity, such as fishing. Thus, theterm social network includes a group of people associated by a commoninterest and/or a service for communicating information to and/or fromany of the people with which a user has an interest relationship.

Embodiments of the present invention provide many capabilities toutilize social networks and/or other networks. Personal relationshipsand/or interest relationships can be utilized to find and developrelevant connections for a variety of activities, such as jobnetworking, service referrals, dating, and the like. Finding anddeveloping relevant connections can be accelerated with online services.However, potential new users may be reluctant to join an online serviceand/or to respond to a request to participate with another member of theonline service not known to the user. An invitation from a known contactmay help an invitee feel more comfortable about joining the service.However, even an invitee may be reluctant to join before seeing a sampleof the service. Trust can be built faster if information is not just asample, but information that the invitee may access if the invitee joinsthe service.

To build trust quickly, information about an inviter can be provided tothe invitee. For example, the invitee may be allowed to temporarilyaccess content from the inviter's personal web page. The content mayinclude the inviter's web log, a collection of photos, a list ofrecommended restaurants, and/or other content relevant to the inviter.The inviter can control which portions of content are accessible to theinvitee. For example, if the inviter is inviting a former classmate, theinviter may limit the content to that which is accessible to theinvitees registered classmates. Many other types of information can heprovided based on inviter selections. Embodiments of the presentinvention enable members to control information access, yet speed theprocess of building trust, and generally to enhance experiences relatingto an online social network and/or other networks.

Illustrative Operating Environment

FIG. 1 illustrates one embodiment of an environment in which the presentinvention may operate. However, not all of these components may berequired to practice the invention, and variations in the arrangementand type of the components may be made without departing from the spiritor scope of the invention.

As shown in the figure, system 100 includes client devices 102-104,network 105, an optional portal server 106, and a social network server(SNS) 108. Network 105 is in communication with and enablescommunication between each of client devices 102-104, portal server 106,and SNS 108.

Client devices 102-104 may include virtually any computing devicecapable of receiving and sending a message over a network, such asnetwork 105, to and from another computing device, such as SNS 108, eachother, and the like. The set of such devices may include devices thattypically connect using a wired communications medium such as personalcomputers, multiprocessor systems, microprocessor-based or programmableconsumer electronics, network PCs, and the like. The set of such devicesmay also include devices that typically connect using a wirelesscommunications medium such as cell phones, smart phones, pagers, walkietalkies, radio frequency (RF) devices, infrared (IR) devices, CBs,integrated devices combining one or more of the preceding devices, orvirtually any mobile device, and the like. Similarly, client devices102-104 may be any device that is capable of connecting using a wired orwireless communication medium such as a PDA, POCKET PC, wearablecomputer, and any other device that is equipped to communicate over awired and/or wireless communication medium.

Each client device within client devices 102-104 may include a browserapplication that is configured to send, receive, and display web pages,and the like. The browser application may be configured to receive anddisplay graphics, text, multimedia, and the like, employing virtuallyany web based language, including, but not limited to StandardGeneralized Markup Language (SMGL), such as HyperText Markup Language(HTML), extensible markup language (XML), a wireless applicationprotocol (WAP), a Handheld Device Markup Language (HDML), such asWireless Markup Language (WML), WMLScript, JavaScript, and the like.

Client devices 102-104 may be further configured to receive a messagefrom another computing device employing another mechanism, including,but not limited to email, Short Message Service (SMS), MultimediaMessage Service (MMS), instant messaging (IM), Internet relay chat(IRC), mIRC, Jabber, and the like.

Client devices 102104 may be further configured to enable a user tomanage a user profile, degrees of relationships, categories ofrelationships, activity participation, and the like, which may in turnbe saved at a remote location, such as SNS 108, and the like. As such,client devices 102-104 may further include a client application that isconfigured to manage various actions on behalf of the client device. Forexample, the client application may enable a user to interact with thebrowser application, email application, and the like, to customize howanother social network user might view a persona, profile, or the likeassociated with the user. For example, the user may employ the clientapplication, in part, to provide one customized view for family members,another customized view for poker members, yet another view for fishingbuddies, and the like. The client application may interact with aprocess such as described below to customize and manage such views, andenable unauthenticated users to preview portions of content.

Network 105 is configured to couple one computing device to anothercomputing device to enable them to communicate. Network 105 is enabledto employ any form of computer readable media for communicatinginformation from one electronic device to another. Also, network 105 mayinclude a wireless interface, and/or a wired interface, such as theInternet, in addition to local area networks (LANs), wide area networks(WANs), direct connections, such as through a universal serial bus (USB)port, other forms of computer-readable media, or any combinationthereof. On an interconnected set of LANs, including those based ondiffering architectures and protocols, a router acts as a link betweenLANs, enabling messages to be sent from one to another. Also,communication links within LANs typically include twisted wire pair orcoaxial cable, while communication links between networks may utilizeanalog telephone lines, full or fractional dedicated digital linesincluding T1, T2, T3, and T4, Integrated Services Digital Networks(ISDNs), Digital Subscriber Lines (DSLs), wireless links includingsatellite links, or other communications links known to those skilled inthe art. Furthermore, remote computers and other related electronicdevices could be remotely connected to either LANs or WANs via a modemand temporary telephone link. In essence, network 105 includes anycommunication method by which information may travel between clientdevices 102-104, portal server 106, and/or SNS 108.

The media used to transmit information in communication links asdescribed above illustrates one type of computer-readable media, namelycommunication media. Generally, computer-readable media includes anymedia that can be accessed by a computing device, Computer-readablemedia may include computer storage media, communication media, or anycombination thereof.

Additionally, communication media typically embodies computer-readableinstructions, data structures, program modules, or other data in amodulated data signal such as a carrier wave, data signal, or othertransport mechanism and includes any information delivery media. Theterms “modulated data signal,” and “carrier-wave signal” includes asignal that has one or more of its characteristics set or changed insuch a manner as to encode information, instructions, data, and thelike, in the signal. By way of example, communication media includeswired media such as twisted pair, coaxial cable, fiber optics, waveguides, and other wired media and wireless media such as acoustic, RF,infrared, and other wireless media.

Portal server 106 and SNS 108 may comprise multiple computing devices ora single computing device. Portal server 106 may provide online servicessuch as messaging, search, news, shopping, advertising, and/or the like.SNS 108 may provide similar service and/or other services that alsoenable users to centralize the sharing of information and viewing ofinformation regarding other users and themselves. For example, users mayhave a personal web site to share and view online journals (e.g.,blogs), photos, reviews, and the like. For exemplary purposes, theoperations of portal server 106 and SNS 108 are described together, andgenerally refer to SNS 108. Briefly, SNS 108 may include any computingdevice capable of connecting to network 105 and may manage customizationof views associated with a social network user, such as a user of atleast one of client devices 102-104. Devices that may operate as SNS 108include dedicated servers, personal computers, desktop computers,multiprocessor systems, microprocessor-based or programmable consumerelectronics, network PCs, and the like.

SNS 108 may be configured to receive information associated with aclient user and to enable the user to customize a view based in part, onthe received information. The received information may include, but isnot limited to, relationship degree information, relationship categoryinformation, relationship rating information, membership informationassociated with a category, device information, presence information,profile information, activity information, and the like.

SNS 108 may further employ the received information to enable the userto customize a view associated with a social network perspective, basedin part on a degree of relationship, relationship categorization,relationship rating, and/or other criteria. By sharing varyingquantities of personal information with other social network users, theuser may put forth different online profiles, public personas, and thelike. The user may also determine how information about the user will bedisplayed to other users. The received criteria employed to enablecustomization of the views may include, but is not limited to, degreesof separation, category of relationship (such as friend, family,colleague, and the like), as well as any assessment of closeness, trust,an offline group affiliation, an online group affiliation, and the like.SNS 108 enables the user to preview the view resulting from applying thereceived criteria.

SNS 108 may also enable another social network user, such as a user ofone of client devices 102-104, to view the customized view based on thereceived criteria. SNS 108 may employ a web service, email service, andthe like, to make the customized view available to the other socialnetwork user, as appropriate. SNS 108 may employ processes such asdescribed in more detail below to manage the customized views, andenable another social network user to view content even if the otheruser is not an authenticated user of SNS 108. SNS 108 may be implementedon one or more computing devices, such as a server described with regardto FIG. 2.

Illustrative Server Environment

FIG. 2 shows one embodiment of a server, according to one embodiment ofthe invention. Server 200 may include many more components than thoseshown. The components shown, however, are sufficient to disclose anillustrative embodiment for practicing the invention.

Server 200 includes processing unit 212, video display adapter 214, anda mass memory, all in communication with each other via bus 222. Themass memory generally includes RAM 216, ROM 232, and one or morepermanent mass storage devices, such as hard disk drive 228, tape drive,optical drive, and/or floppy disk drive. The mass memory storesoperating system 220 for controlling the operation of server 102. Anygeneral-purpose operating system may be employed. Basic input/outputsystem (“BIOS”) 218 is also provided for controlling the low-leveloperation of server 200. As illustrated in FIG. 2, server 200 also cancommunicate with the Internet, or some other communications network,such as network 105 in FIG. 1, via network interface unit 210, which isconstructed for use with various communication protocols including theTCP/IP protocol. Network interface unit 210 is sometimes known as atransceiver, transceiving device, network interface card (NIC), and thelike.

The mass memory as described above illustrates a type ofcomputer-readable media, namely computer storage media. Computer storagemedia may include volatile, nonvolatile, removable, and non-removablemedia implemented in any method or technology for storage ofinformation, such as computer readable instructions, data structures,program modules, or other data. Examples of computer storage mediainclude RAM, ROM, EEPROM, flash memory or other memory technology,CD-ROM, digital versatile disks (DVD) or other optical storage, magneticcassettes, magnetic tape, magnetic disk storage or other magneticstorage devices, or any other medium which can be used to store thedesired information and which can be accessed by a computing device.

The mass memory also stores program code and data. One or moreapplications 250 are loaded into mass memory and run on operating system220. Examples of application programs include email programs,schedulers, calendars, web services, transcoders, database programs,word processing programs, spreadsheet programs, and so forth. Massstorage may also include applications such as a behavior tracker 252,which may track a user's online activities with the user's permission.Behavior tracker 252 may track the user's portal service behaviors(e.g., web searches, online purchases, etc.), the user's social networkservice behaviors (e.g., frequency of inviting others to join,participation in particular social network activities, etc.), and/orother behaviors.

Mass storage may further include modules that are useful for managing auser's social network, such as a content manager 254, a permissionsdatabase 256, an invitation IDs database 257, and an invitation module258. Content manager 254 may include a database, text, folder, file, andthe like, that is configured to maintain and store information that theuser's wishes to use and/or share with a social network. Content mayinclude the user's profile information, online journals (e.g., blogs),reviews of products and/or services, photographs, and the like. Thecontent may be entered by the user or obtained from other sources. Thecontent may be used only with the social network or with other services,such as the portal service. The content, and modules to control thecontent, may be centralized or distributed over a number of resources.

Permissions database 256 may be included with content manager 254 orprovided as a separate entity. Permissions database 256 may enable theuser to establish and store content access permission based on userrelationships, types of content, and the like. User relationships mayinclude relationship degrees (e.g., 1^(st), 2^(nd), 3^(rd), etc.),user-definable relationship categories (e.g., family, co-workers,fishing buddies, etc.), relationship ratings (e.g., closest, close,connected, acquainted, haven't met, etc.), and/or other forms ofrelationships.

Invitation IDs database 257 may be included with permissions database256 or provided as a separate entity. Invitation IDs database 257generally stores identifiers and other information regarding invitationsfrom existing social network users to other users, inviting the otherusers to establish a social network connection with the existing socialnetwork users. An invitation module 258 manages the invitations andcoordinates authentication of users and/or tokens that may be used as ameans of authentication. The tokens can take any form, and are describedbelow in the form of a URL that identifies an invitation from anauthenticated inviter. The URL provides an invitee with access tocontent, although the invitee may not be an authenticated user.

Server 200 also includes input/output interface 224 for communicatingwith external devices, such as a mouse, keyboard, scanner, or otherinput devices not shown in FIG. 2. Likewise, server 200 may furtherinclude additional mass storage facilities such as CD-ROM/DVD-ROM drive226 and hard disk drive 228. Hard disk drive 228 is utilized by server200 to store, among other things, application programs, databases,content manager 254, permissions database 256, invitation IDs database257, invitation module 258, and the like.

Illustrative Cheat User Interface

A user interface and operation of certain aspects of an embodiment ofthe present invention will now be described with respect to FIGS. 3-4.FIG. 3 shows a screen shot of a client user interface 300, illustratinga sample email invitation message received by an invitee, who is notnecessarily an authenticated user of an online service with which anauthenticated inviter is registered. The invitation message may includesome information about the inviter, such as one or more images, profileinformation, message text, and the like. The invitation message furtherincludes a preview link 302 that enables the invitee to access othercontent without necessarily being an authenticated user of the onlineservice. The invitee may preview the content to determine more about theinvitee and/or the online service. The invitation message also includesa connection link 304 that enables the invitee to become anauthenticated user of the online service and establish a connection withthe inviter.

FIG. 4 shows a screen shot of a client user interface 350, illustratinga sample preview of content that the invitee accessed by selectingpreview link 302 of FIG. 3. The sample preview generally displayscontent that the invitee would see if the invitee were to register withthe online service and become an authenticated user. The preview contentmay include more information provided by the inviter, such as blogentries, photos, lists of interests, other users associated with theinviter, product and/or service reviews submitted by the inviter,profile information about the inviter, and the like. The preview mayalso include a connection link 354 that enables the invitee to become anauthenticated user of the online service and establish a connection withthe inviter.

Illustrative Architecture And Logic

FIG. 5 illustrates an exemplary architecture that may be used to enablean inviter client 102 a to send an invitation to an invitee client 102 bsuch that the invitation enables invitee client 102 b to access contentwithout authenticating invitee client 102 b. Inviter client 102 a andinvitee client 102 b may communicate through network 105 to a server 108a. In this sample architecture, the server includes an invitation module360 that generally manages authentication and access to content.Invitation module 360 communicates with a permissions database 362 thatmay comprise an access control list or other data store. Permissiondatabase 362 generally maintains associations between user relationshipsand content. Registered clients, such as inviter client 102 a, mayassign one or more user relationships to all or portions of content,indicating which user relationship(s) are required to access eachportion of content. For example, a registered client may specify thatsome profile information may be accessed by other users with a seconddegree relationship (or closer) to the registered client (e.g., a friendof a friend). The registered client may specify that other profileinformation may be accessed only by other users with a first degreerelationship. The registered client may further specify a level ofaccess through invitations. A default may be set, such that invitees mayaccess content as if the invitee already had a first degree relationshipwith the inviter. Since the inviter is asking the invitee to establish adirect connection, the invitee may be allowed access to content as ifthe invitee already had a first degree relationship with the inviter.However, an embodiment may allow the registered client to control theaccess. For example, the registered client may specify that invitationsshould limit access to information that is available to other users thatare within a certain category of first degree users, such as a categoryof co-workers. Alternatively, an embodiment may allow the registereduser to specify that invitations should limit access to information thatis available to other users with a second degree relationship, but notinformation that is available to other users with a first degreerelationship to the registered user. These assignments may be stored in,or accessed by permissions database 362.

Permissions database 362 and invitation module 360 also communicate witha content data store 364, which maintains the blogs, profileinformation, lists, and/or other content provided by the registeredclient users. Optionally, content data store 364 and permissionsdatabase 362 may communicate with an intro content data store (notshown), which may store one or more subsets of content. The subsets ofcontent may generally have the same permissions assigned as thecorresponding fill content. The subsets generally comprise introductorycontent such as the first twenty-five words of a blog entry, the firstcouple of items on a list, titles of review, thumb nail photos offriends, and/or other content that provides initial information aboutfull content.

Invitation module 360 determines which content to accesses based on theuser relationship associated with an invitation. The invitation modulealso determines an invitation ID for each invitation, and stores theinvitation ID in an invitation ID database 366. The invitation ID isassociated with the inviter, so that the appropriate content can beaccessed when the corresponding invitee requests access to the contentassociated with the particular invitation. Invitation ID database 366may store this association. The invitation ID database may also storeencryption/decryption information that enables invitation module 360 todetermine whether a valid request has been submitted from an invitee. Byselecting the preview link, invitee client 102 b submits a token (suchas an encrypted URL) that may be decrypted to determine whether therequest is valid and/or whether the corresponding invitation is stillvalid. Invitation module 360 may then assemble, format, and/or otherwiseprepare the introductory content or full content, and deliver it toinvitee client 102 b in the invitation and/or in a preview. In anotherembodiment, substantially all of the introductory content and/or thefull content may be delivered to invitee client 102 b, which may filterthe content for preview based on the user relationship selected by theinviter client 102 a and associated with the invitation.

FIG. 6 is a flow diagram illustrating exemplary logic of an exemplaryoverall process of actions by the inviter client and invitee client thatenables the invitee client to access content even though the inviteeclient is not necessarily authenticated. At an operation 370, theinviter sets preview information, such as specifying degrees ofrelationships required to access certain content. The inviter may alsoset a level of access to be associated with invitations. At an operation372, the inviter identifies an invitee (e.g., specifies an emailaddress), and sends a request to the server to send an invitation to theinvitee. The server generates an invitation ID and a token for accessingthe appropriate content associated with the inviter. The server thengenerates and sends the invitation, which is received and viewed by theinvitee at an operation 374. If the invitee chooses to preview thecontent, at a decision operation 376, the invitee selects the previewlink. This causes the token to be sent to the server, at an operation378, which enables access to the preview content. If the token is valid,the server sends the preview content to the invitee to view at anoperation 380.

If the invitee chooses to connect to the inviter, at a decisionoperation 382, the invitee selects the connection link. This indicatesthat the invitee accepts the invitation to register with the server. Atan operation 384, the server creates an online service account for theinvitee, or otherwise registers the invitee with the online service. Theinvitee is then an authenticated user. The invitee generally receivespermission to access the inviter's content with a first degree userrelationship level, at an operation 386. However, the relationship maybe limited to a particular category or further limited by the inviter.

FIG. 7 is a flow diagram illustrating exemplary logic of a serverprocess for enabling access to content by an unauthenticated user. At anoperation 400, the server receives a request from an inviter client tosend an invitation to an invitee. The request generally includes theinvitee's address. The request also may include a user relationship,such as a relationship category, so that the server can determine whichcontent will be accessible to the invitee. A default user relationshipmay be used for all invitations as an alternative to including the userrelationship in the request.

At an operation 402, the server generates an invitation ID and a URL tobe included in the invitation. The invitation ID uniquely identifies theinvitation so that the invitation is associated with the inviter, theinvitee, the user relationship used for the invitation, the content thatshould be accessible to the invitee, an invitation expiration date,and/or other information. The invitation ID, or a coded version of theinvitation ID, is included into the URL, which acts as a token withinthe invitation that enables the invitee to access the content via theserver. At a decision operation 404, the server determines whether theinvitation is to be sent to an invitee address that is outside an onlineservice network in which the server operates. The server may also use aninternal and/or external system to check a current presence of theinvitee, to determine if the message will be routed outside the onlineservice network, even if the invitee address is within the onlineservice network. For example, the invitee may have an email address thatis within the online service network, but the invitee may have selecteda presence setting, requiring that all messages be forwarded to a mobilephone as SMS messages. If the invitation should be routed within theonline service network, the server inserts the URL into an invitationmessage at an operation 406, without encrypting the URL. The server mayalso access some content associated with the inviter and add it to theinvitation, such as images, text, and/or other information associatedwith the inviter. The invitation is then sent to the invitee within theonline service network, which is considered secure. However, if theinvitee address is outside the online service network, or the presenceinformation indicates that the invitation will be routed outside theonline service network, the server encrypts the URL at an operation 408.The encryption may be performed with any of a number of techniques,including, but not limited to, public/private keys, secure hashalgorithms, and the like. The encrypted URL is inserted into aninvitation message along with content associated with the inviter. Theinvitation with the encrypted URL is then sent to the invitee at anoperation 410.

At an optional operation 412, the content and/or user relationship(s)may be updated while an invitation is outstanding. For example, theinviter may change assignments of relationship categories to content.There is no need to change the invitation. Rather, the URL will simplyrefer to the most current content and associations between content anduser relationships. At an operation 414, the server may receive arequest to preview the content. The request generally comes from theinvitee, although the request may come from another user to which theinvitation was forwarded by the invitee. Alternatively, the request maycome from the invitee, but from a device or communication account towhich the invitee currently wants messages forwarded. The requestresults from the invitee or other user selecting the preview link in theinvitation. The requesting client (e.g., the invitee client) would thensend the request with the URL. For example, the invitee client may sendthe URL in a hypertext transfer protocol (HTTP) post message. If the URLis encrypted, the server decrypts the URL at an operation 416.

At a decision operation 418, the server determines whether theinvitation is valid based on the (decrypted) URL. The server obtains theinvitation ID from the URL, and ensures that the invitation ID exists inthe invitation IDs database. If the invitation ID is in the invitationIDs database, the server checks the information associated with theinvitation ID. For example, if the invitation ID from the received URLis associated with an inviter who is no longer registered with theonline service, the server may deny the invitee's request to preview thecontent and/or redirect the request to a preview of other samplecontent. Similarly, if the URL indicates a relationship category that nolonger exists, the server may deny the invitee's request and/or redirectthe request. The server may also determine whether the invitation hasexpired, and/or another problem exists. If a problem occurs, the servermay optionally send a denial message at an operation 420, and/or takeother action.

If the invitee's request is determined to be valid, the server accessesthe content associated with the invitation ID, at an operation 422. Theinvitation ID is associated with the inviter, so the server generallyaccesses content provided by the inviter. The content is used togenerate a preview document, such as a preview web page, and the previewdocument is sent to the invitee at an operation 424. If the inviteeselects the connection link in the displayed preview document or in theinvitation, a connection request is sent from the invitee client andreceived by the server at an operation 426. The connection request mayalso be in the form of an HTTP post message that includes the invitationID, which identifies the inviter. At an operation 428, the serverregisters the invitee and establishes a connection between the inviteeand the inviter. The connection may use the same user relationship asthe invitation or a different user relationship specified by the inviterfor users that choose to connect to the inviter.

The above specification, examples, and data provide a completedescription of the manufacture and use of the composition of theinvention. Since many embodiments of the invention can be made withoutdeparting from the spirit and scope of the invention, the inventionresides in the claims hereinafter appended.

1-20. (canceled)
 21. A method comprising: associating, via a computingdevice, electronic content with an authenticated user, saidauthenticated user is a member of a computerized, online social network,said social network hosted by an electronic service and enabled forcommunication to and from authenticated users of the social network inaddition to communication to and from authenticated and unauthenticatedusers; associating, via the computing device, the electronic contentwith a user relationship involving the authenticated user, said userrelationship is created and controlled by the authenticated user;transmitting, via the computing device, a request generated by theauthenticated user for the unauthenticated user to join said userrelationship, said request comprising a request by said electronicservice for said unauthenticated user to join said social network, saidrequest further comprising an invitation by said authenticated user forsaid unauthenticated user to access said electronic content inaccordance with a relationship category, said relationship categorydesignated by said authenticated user and relates to an updated versionof said electronic content and associations between said content andsaid user relationship; receiving, at the computing device, a responseto said request from said unauthenticated user, said response comprisinginformation representative said authenticated user intends to join saiduser relationship and said social network; and establishing, via thecomputing device, the user relationship between the authenticated userand unauthenticated user, said establishing comprising enabling accessfor said unauthenticated user to at least a portion of said electroniccontent associated with the user relationship based at least in partupon said relationship category.
 22. The method of claim 21, whereinsaid electronic content comprises a preview of data associated withactivity said authenticated user has performed via said electronicservice, said activity associated with said social network.
 23. Themethod of claim 21, wherein said electronic content comprises a subsetof data associated with the authenticated user, wherein another subsetof data is associated with a different user relationship.
 24. The methodof claim 21, wherein said invitation to said unauthenticated user isfurther based upon a relationship rating associated with said userrelationship, said relationship rating comprising information indicatinga connection between said authenticated user and said unauthenticateduser.
 25. The method of claim 24, wherein said information indicating aconnection is based upon activity between said authenticated user andsaid unauthenticated user in either the real-world or over a network.26. The method of claim 21, wherein said invitation to saidunauthenticated user is further based upon a relationship degree betweensaid authenticated user and said unauthenticated user, said relationshipdegree comprising information representing a degree of separationbetween said authenticated user and said unauthenticated user.
 27. Themethod of claim 21, wherein said relationship category is further basedupon a type of said electronic content.
 28. The method of claim 21,further comprising: determining whether the response provided by theunauthenticated user is valid, said determination further comprising:determining that an expiration period associated with the request hasnot elapsed; determining that the authenticated user associated with therequest is still an authenticated user of the electronic service,wherein said request comprises a token associated with said electroniccontent and an identifier associated with said user relationship. 29.The method of claim 21, wherein said user relationship comprisespermissions set by said authenticated user, said permissions controllingsaid access by said unauthenticated user to said electronic content. 30.A computer-readable storage medium tangibly encoded withcomputer-executable instructions, that when executed by a computingdevice, performs a method comprising: associating electronic contentwith an authenticated user, said authenticated user is a member of acomputerized, online social network, said social network hosted by anelectronic service and enabled for communication to and fromauthenticated users of the social network in addition to communicationto and from authenticated and unauthenticated users; associating theelectronic content with a user relationship involving the authenticateduser, said user relationship is created and controlled by theauthenticated user; transmitting a request generated by theauthenticated user for the unauthenticated user to join said userrelationship, said request comprising a request by said electronicservice for said unauthenticated user to join said social network, saidrequest further comprising an invitation by said authenticated user forsaid unauthenticated user to access said electronic content inaccordance with a relationship category, said relationship categorydesignated by said authenticated user and relates to an updated versionof said electronic content and associations between said content andsaid user relationship; receiving a response to said request from saidunauthenticated user, said response comprising informationrepresentative said authenticated user intends to join said userrelationship and said social network; and establishing the userrelationship between the authenticated user and unauthenticated user,said establishing comprising enabling access for said unauthenticateduser to at least a portion of said electronic content associated withthe user relationship based at least in part upon said relationshipcategory.
 31. The computer-readable storage medium of claim 30, whereinsaid electronic content comprises a preview of data associated withactivity said authenticated user has performed via said electronicservice, said activity associated with said social network.
 32. Thecomputer-readable storage medium of claim 30, wherein said electroniccontent comprises a subset of data associated with the authenticateduser, wherein another subset of data is associated with a different userrelationship.
 33. The computer-readable storage medium of claim 30,wherein said invitation to said unauthenticated user is further basedupon a relationship rating associated with said user relationship, saidrelationship rating comprising information indicating a connectionbetween said authenticated user and said unauthenticated user.
 34. Thecomputer-readable storage medium of claim 33, wherein said informationindicating a connection is based upon activity between saidauthenticated user and said unauthenticated user in either thereal-world or over a network.
 35. The computer-readable storage mediumof claim 30, wherein said invitation to said unauthenticated user isfurther based upon a relationship degree between said authenticated userand said unauthenticated user, said relationship degree comprisinginformation representing a degree of separation between saidauthenticated user and said unauthenticated user.
 36. Thecomputer-readable storage medium of claim 30, wherein said relationshipcategory is further based upon a type of said electronic content. 37.The computer-readable storage medium of claim 30, further comprising:determining whether the response provided by the unauthenticated user isvalid, said determination further comprising: determining that anexpiration period associated with the request has not elapsed;determining that the authenticated user associated with the request isstill an authenticated user of the electronic service, wherein saidrequest comprises a token associated with said electronic content and anidentifier associated with said user relationship.
 38. Thecomputer-readable storage medium of claim 30, wherein said userrelationship comprises permissions set by said authenticated user, saidpermissions controlling said access by said unauthenticated user to saidelectronic content.
 39. A system comprising: at least one computingdevice comprising: memory storing computer-executable instructions; andone or more processors for executing said computer-executableinstructions, comprising: associating electronic content with anauthenticated user, said authenticated user is a member of acomputerized, online social network, said social network hosted by anelectronic service and enabled for communication to and fromauthenticated users of the social network in addition to communicationto and from authenticated and unauthenticated users; associating theelectronic content with a user relationship involving the authenticateduser, said user relationship is created and controlled by theauthenticated user; transmitting a request generated by theauthenticated user for the unauthenticated user to join said userrelationship, said request comprising a request by said electronicservice for said unauthenticated user to join said social network, saidrequest further comprising an invitation by said authenticated user forsaid unauthenticated user to access said electronic content inaccordance with a relationship category, said relationship categorydesignated by said authenticated user and relates to an updated versionof said electronic content and associations between said content andsaid user relationship; receiving a response to said request from saidunauthenticated user, said response comprising informationrepresentative said authenticated user intends to join said userrelationship and said social network; and establishing the userrelationship between the authenticated user and unauthenticated user,said establishing comprising enabling access for said unauthenticateduser to at least a portion of said electronic content associated withthe user relationship based at least in part upon said relationshipcategory.
 40. The system of claim 39 determining whether the responseprovided by the unauthenticated user is valid, said determinationfurther comprising: determining that an expiration period associatedwith the request has not elapsed; determining that the authenticateduser associated with the request is still an authenticated user of theelectronic service, wherein said request comprises a token associatedwith said electronic content and an identifier associated with said userrelationship.